
QUESTION NO: 6
Which signature action or actions should be selected to cause the attacker's traffic flow to
terminate when the Cisco IPS Sensor is operating in promiscuous mode?
A. deny attacker
B. resettcp connection
C. deny connection
D. deny packet
E. deny packet, resettcp connection
F. deny connection, resettcp connection
Answer: B
QUESTION NO: 7
You are using Cisco IDM. What precaution must you keep in mind when adding, editing, or
deleting allowed hosts on a Cisco IPS Sensor?
A. You must not allow entire subnets to access the Cisco IPS Sensor
B. You must not delete the IP address used for remote management.
C. When using access lists to permit remote access, you must specify the direction of allowed
communications.
D. You can only configure the allowed hosts using the CLI.
E. You must use an inverse mask, such as 10.0.2.0 0.0.0.255, for the specified network mask for
the IP address.
Answer: B
QUESTION NO: 8
Which action does the copy /erase ftp://172.26.26.1/sensor_config01 current-config command
perform?
A. erases the sensor_config01 file on the FTP server and replaces it with the current configuration
file from the Cisco IPS Sensor
B. merges the source configuration file with the current configuration
C. copies and saves the running configuration to the FTP server and replaces it with the source
configuration file
D. overwrites the backup configuration and applies the source configuration file to the system
default configuration
Cisco 642-533: Practice Exam
5
http://certkill.com